This copy is for your personal, non-commercial use only. To order presentation-ready copies for distribution to your colleagues, clients or customers, click the "Reprints" link at the top of any article.

Long Odds for 2012 Cybersecurity Law

Republican opposition keeps Senate from passing Lieberman bill.

The Senate’s failure to move forward on a bill to strengthen U.S. computer defenses leaves little chance that Congress can find a compromise this year, as lawmakers turn their attention to November’s election.

The chamber’s Democratic leadership failed yesterday to get the 60 votes needed to force a final vote on the cybersecurity measure before the Senate leaves this week for an August recess. The vote was 52-46, largely along party lines, as most Republicans opposed a bill their leaders called a burden for businesses.

“As a practical matter, it’s probably dead,” Stewart Baker, a former assistant secretary for policy at the Department of Homeland Security, said in an interview. “There’s some people hoping against hope to revive it, but given the calendar and the difficulty of the issues, it would be almost impossible.”

The Republicans’ roadblock was a setback for President Barack Obama’s administration, which tried to build support through a series of briefings for senators on potential dangers of a digital attack on the nation’s infrastructure, including a simulated assault on New York City’s power grid.

The bill from Senate Homeland Security Committee Chairman Joe Lieberman, a Connecticut independent, originally proposed government-issued computer security standards for privately owned infrastructure, such as electrical and water systems, considered essential to national security. It also promoted information sharing about cyber threats between businesses and the U.S. government.

Last month, Lieberman and his co-sponsors sought to attract Republican support by revising the measure, replacing mandatory security rules with a system for developing voluntary industry standards, with incentives for companies to adopt them.

The Senate’s Republican leadership, the U.S. Chamber of Commerce and other business groups opposed the legislation even with the changes, saying the voluntary infrastructure standards would be a back door to later imposing government regulations.

“Between business pressures and electoral pressures, there’s no way they’re going to get to anything useful,” James Lewis, technology program director at the Center for Strategic and International Studies, said in an interview. “The game now will be each side blames the other.”

Obama may be able, by executive order, to accomplish some of the legislation’s goals, said Baker, now a partner at the Steptoe & Johnson law firm in Washington.

‘Profound Disappointment’

Jay Carney, the White House press secretary, in an e-mailed statement yesterday blamed the Senate vote on “the politics of obstructionism, driven by special-interest groups seeking to avoid accountability.”

Cyber attacks on U.S. computer networks increased 17-fold from 2009 through 2011, General Keith Alexander, director of the National Security Agency and the U.S. Cyber Command, said last month, citing reports that digital adversaries have stolen $1 trillion of U.S. intellectual property.

Citigroup Inc., the third-largest U.S. bank by assets, and Lockheed Martin Corp., the world’s largest defense company, were among U.S. companies that suffered cyber attacks last year.

“It’s not just another political argument in a campaign,” Lieberman told reporters after yesterday’s vote. “This is about what everyone acknowledges is rising to be a serious threat to America’s security in the years ahead.”

Lieberman said he wasn’t optimistic about the bill’s chances, though he said he’s open to further negotiations on amendments.

A co-sponsor, California Democratic Senator Dianne Feinstein, said backers would continue to seek an agreement during the August break. “Either it’s done by September, or we’re not going to be able to do it,” she said.

Senate Minority Leader Mitch McConnell, a Kentucky Republican, said before the vote that Majority Leader Harry Reid was trying to “steamroll” the bill past opponents seeking to vote on amendments. Reid, a Nevada Democrat, said Republicans are “running like scared cats” to please the Chamber, the largest business lobbying group.

Five Republicans crossed party lines to vote in favor of proceeding with the bill, and five Democrats sided with Republicans in blocking the measure. Reid also voted no for procedural reasons, so he can later bring up the bill for reconsideration.

A cybersecurity measure that passed the Republican- controlled House of Representatives in April focuses on cyber- threat information sharing without setting standards for companies. It is sponsored by Representative Mike Rogers, a Michigan Republican who leads the House Intelligence Committee.

Carney described the House bill as “deeply flawed,” saying it threatens the privacy of consumer data and does nothing to protect the nation’s infrastructure.

Treasury & Risk

Treasury & Risk is an online publication and robust website designed to meet the information needs of finance, treasury, and risk management professionals. Our editorial content, delivered through multiple interactive channels, mixes strategic insights from thought leaders with in-depth analysis of best practices, original research projects, and case studies with corporate innovators.